saltine-0.1.0.0: Cryptography that's easy to digest (NaCl/libsodium bindings).

Copyright(c) Joseph Abrahamson 2013
LicenseMIT
Maintainerme@jspha.com
Stabilityexperimental
Portabilitynon-portable
Safe HaskellNone
LanguageHaskell2010

Crypto.Saltine.Core.OneTimeAuth

Description

Secret-key single-message authentication: Crypto.Saltine.Core.OneTimeAuth

The auth function authenticates a message ByteString using a secret key The function returns an authenticator. The verify function checks if it's passed a correct authenticator of a message under the given secret key.

The auth function, viewed as a function of the message for a uniform random key, is designed to meet the standard notion of unforgeability after a single message. After the sender authenticates one message, an attacker cannot find authenticators for any other messages.

The sender must not use auth to authenticate more than one message under the same key. Authenticators for two messages under the same key should be expected to reveal enough information to allow forgeries of authenticators on other messages.

Crypto.Saltine.Core.OneTimeAuth is crypto_onetimeauth_poly1305, an authenticator specified in "Cryptography in NaCl" (http://nacl.cr.yp.to/valid.html), Section 9. This authenticator is proven to meet the standard notion of unforgeability after a single message.

This is version 2010.08.30 of the onetimeauth.html web page.

Synopsis

Documentation

data Key Source #

An opaque auth cryptographic key.

Instances

Eq Key Source # 

Methods

(==) :: Key -> Key -> Bool #

(/=) :: Key -> Key -> Bool #

Ord Key Source # 

Methods

compare :: Key -> Key -> Ordering #

(<) :: Key -> Key -> Bool #

(<=) :: Key -> Key -> Bool #

(>) :: Key -> Key -> Bool #

(>=) :: Key -> Key -> Bool #

max :: Key -> Key -> Key #

min :: Key -> Key -> Key #

IsEncoding Key Source # 

newKey :: IO Key Source #

Creates a random key of the correct size for auth and verify.

auth Source #

Arguments

:: Key 
-> ByteString

Message

-> Authenticator 

Builds a keyed Authenticator for a message. This Authenticator is impossible to forge so long as the Key is never used twice.

verify Source #

Arguments

:: Key 
-> Authenticator 
-> ByteString

Message

-> Bool

Is this message authentic?

Verifies that an Authenticator matches a given message and key.